ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE4_FGT-6.4 All Questions

View all questions & answers for the NSE4_FGT-6.4 exam
Go to Exam

Exam NSE4_FGT-6.4 topic 1 question 52 discussion

Actual exam question from Fortinet's NSE4_FGT-6.4
Question #: 52
Topic #: 1
[All NSE4_FGT-6.4 Questions]

Refer to the exhibit.

A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 fails to come up. The administrator has also re-entered the pre-shared key on both FortiGate devices to make sure they match.
Based on the phase 1 configuration and the diagram shown in the exhibit, which two configuration changes will bring phase 1 up? (Choose two.)

  • A. On HQ-FortiGate, set IKE mode to Main (ID protection).
  • B. On both FortiGate devices, set Dead Peer Detection to On Demand.
  • C. On HQ-FortiGate, disable Diffie-Helman group 2.
  • D. On Remote-FortiGate, set port2 as Interface.
Show Suggested Answer Hide Answer
Suggested Answer: AD 🗳️
by yanto at Aug. 19, 2021, 3:46 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
kkkvo
Highly Voted 3 years, 8 months ago
FortiGate Infrastructure 6.4 Study Guide p. 217 In IKEv1, there are two possible modes: main and aggressive... Settings on both end must agree. A & D
upvoted 22 times
...
SandroAlex
Most Recent 3 years, 1 month ago
Selected Answer: AD
A e D são verdadeiras
upvoted 1 times
...
mario156090
3 years, 2 months ago
Selected Answer: AD
A, B. Answers.
upvoted 1 times
...
Corynth
3 years, 2 months ago
D&A - FortiGate Infrastructure 7.0 Study Guide p. 222
upvoted 1 times
ChuckC
2 years, 9 months ago
It's actually on FortiGate Infrastructure 7.0 Study Guide p. 207
upvoted 1 times
ChuckC
2 years, 9 months ago
Oops Typo. Page 208
upvoted 2 times
NicolaeEast
2 years, 8 months ago
This is the one. Infra 7.0 pg 208.
upvoted 1 times
...
...
...
...
constant380
3 years, 2 months ago
Selected Answer: AD
A & D are correct
upvoted 1 times
...
Flo31
3 years, 4 months ago
Selected Answer: AD
A & D Correct
upvoted 2 times
...
MrSaintz
3 years, 4 months ago
Selected Answer: AD
A & D Correct
upvoted 1 times
...
mrtim5700
3 years, 4 months ago
Selected Answer: AD
Remote FortiGate has the VPN bound to the wrong interface. Choose main mode or aggressive mode. On site to sites, main mode is the correct answer.
upvoted 2 times
...
rubenpm
3 years, 5 months ago
Selected Answer: AD
A & D is correct
upvoted 3 times
...
chmel999
3 years, 5 months ago
100% AD
upvoted 3 times
...
forti_Ctes
3 years, 7 months ago
A & D are correct
upvoted 2 times
...
bgranja
3 years, 8 months ago
B & C DpD must be the same on both sides. DHG must match in both sides
upvoted 1 times
bgranja
3 years, 8 months ago
Sorry, didn´t see port issue... C &D
upvoted 1 times
2021gene
3 years, 7 months ago
DH group 2 is enabled on both sides, and point C says disable DH g2 on HQ fortigate, so option C will make it worse I guess
upvoted 2 times
...
Seph1
3 years, 7 months ago
wrong. A & D is correct
upvoted 2 times
...
...
...
franger
3 years, 8 months ago
I was thinking A and D...But if I read the question carefully, it says on Phase 1... so on the Options, the C is the only one applying to phase 1... so the port2 definitely needs to be an option...thinking of the other option according to the question... should be C and D the correct ones.
upvoted 3 times
...
yadavarya97
3 years, 8 months ago
A & D, as its asking choose two. A because the port is wrong . It should be port 2 and main mode needs to be same.
upvoted 4 times
...
yemicontrol
3 years, 8 months ago
A is the answer
upvoted 1 times
...
DIGGERNZ
3 years, 8 months ago
A & D, look at the port in the logical diagram.
upvoted 2 times
...
moneim
3 years, 8 months ago
A&D.....not sure about A though
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago